rConfig 3.9 SQL Injection
Posted by deepcore under exploit (No Respond)
rConfig version 3.9 suffers from a remote SQL injection vulnerability.
Archive for March, 2020
rConfig 3.93 Authenticated Remote Code Execution
Posted by deepcore under exploit (No Respond)
rConfig version 3.93 suffers from an authenticated ajaxAddTemplate.php remote code execution vulnerability.
ASUS AAHM 1.00.22 Unquoted Service Path
Posted by deepcore under exploit (No Respond)
ASUS AAHM version 1.00.22 suffers from an asHmComSvc unquoted service path vulnerability.
HRSALE 1.1.8 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
HRSALE version 1.1.8 suffers from a cross site request forgery vulnerability.
WordPress Appointment Booking Calendar 1.3.34 CSV Injection
Posted by deepcore under exploit (No Respond)
WordPress Appointment Booking Calendar plugin version 1.3.34 suffers from a CSV injection vulnerability.
AtMail WebMail 4.61 Open Redirect
Posted by deepcore under exploit (No Respond)
AtMail WebMail versions 4.61 and below suffer from an open redirection vulnerability.
WatchGuard Fireware AD Helper 5.8.5.10317 Credential Disclosure
Posted by deepcore under exploit (No Respond)
WatchGuard Fireware AD Helper component version 5.8.5.10317 suffers from a credential disclosure vulnerability.
Horde Groupware Webmail Edition 5.2.22 PHAR Loading
Posted by deepcore under exploit (No Respond)
Horde Groupware Webmail Edition version 5.2.22 suffers from a PHAR loading vulnerability.
Horde Groupware Webmail Edition 5.2.22 PHP File Inclusion
Posted by deepcore under exploit (No Respond)
Horde Groupware Webmail Edition version 5.2.22 suffers from a PHP file inclusion vulnerability.
Chrome BlobURLStoreImpl::Register Site Isolation Bypass
Posted by deepcore under exploit (No Respond)
Chrome suffers from a site isolation bypass in BlobURLStoreImpl::Register.